News Release

Cisco Systems Delivers NAC Appliance 4.0 - Evolves Policy- compliant Network Security for Distributed Enterprises

Protection Enhanced for Corporate LANs, Branch Offices, VPNs and Wireless Network Access Points
Jul 10, 2006

SAN JOSE, Calif., July 9, 2006 - Cisco Systems® today announced the delivery of NAC Appliance 4.0, the latest edition of the company's Network Admission Control solution designed to protect businesses from information security risks ushered in by non-compliant users and devices.

Designed to address the growing business and information technology security challenges caused by increasingly unpredictable threats, the appliance builds on Cisco's vision of NAC by providing policy enforcement at network entry points throughout a distributed enterprise. It features significant policy-enforcement capabilities for protecting local-area networks (LANs) as well as remote office, virtual private networks (VPNs) and wireless access points.

Since Cisco released NAC in 2003, the marketplace has witnessed a flurry of related offerings. The role of Cisco's NAC Appliance 4.0 extends well beyond point products available in the marketplace today. The NAC Appliance addresses network access across all segments of an enterprise network - wired, wireless and remote - covering all network entry points and, in turn, establishing itself as an integral part of a business' network security infrastructure.

"NAC Appliance 4.0 represents a fundamental part of the Self-Defending Network's infrastructure," said Mick Scully, Cisco's vice president of product management for security. "It helps enable enterprise organizations to successfully defend against outside threats that may enter through wireless and VPN connections as well as threats that come from within corporate LANs and branch offices. It is a network-wide solution."

The solution is based on Cisco NAC's four cornerstone elements: authentication and posture assessment, policy enforcement, quarantine and remediation, and centralized management. At any given entry point, Cisco's NAC Appliance 4.0 identifies an assortment of users and networked devices - from employees, contractors and guests to endpoints with various operating systems (Windows, Macintosh or Linux-based desktops and laptops), PDAs, printers and IP phones. The NAC Appliance assesses their role in accessing the network, verifies their compliance with corporate security policies and grants appropriate network privileges.

Non-compliant devices are blocked and quarantined. Vulnerability updates can be automatically administered to the operating system as well as updated antivirus and anti-spyware software. Once users and devices are confirmed as compliant with corporate security policies, they are granted network access. Throughout this automated process, NAC Appliance 4.0 can collaborate with the entire network and security infrastructure to ensure that policies are enforced across the enterprise.

"NAC Appliance is a versatile solution that enables us to unify our business operations and network security," said Mark Connelly, chief information security officer for Sun Microsystems. "It delivers NAC's four requisite functions for all segments of our network, and it does this by distinguishing multiple device types and operating systems. Not all vendors can do this. The automated enforcement offloads administrative overhead typically devoted to manual device updates, generating greater savings on our cost structures - not to mention ensuring secure and efficient operations."

"With NAC Appliance, we can offer our clients a simple but powerful solution to the problem of enforcing policies on their incoming network users," said Malcolm Seagrave, senior security product manager at Cable & Wireless. "Because of its broad array of supported authenticated mechanisms, antivirus and anti-spyware packages and Windows hotfixes, we can very easily customize a network admissions control solution to any client requirements."

"Cisco Systems' NAC strategy has taken a dramatic step forward with this new release," said Jon Jensen, chief executive officer of the technology solutions provider Nexus IS. "This solution provides a vehicle to ensure policy compliance and network enforcement for local, remote, and wireless users, and is flexible enough to support the small office to the large enterprise."

Among its various enhancements, Cisco's NAC Appliance 4.0 offers flexible options to overcome the deployment complexity inherent in enterprise networks. While the appliance can be deployed inline or "out-of-band" with network traffic at Layer 2, it can also be positioned out-of-band at Layer 3 to minimize the number of servers required for multiple locations. Such an option is especially beneficial for larger enterprises with complex distributed networks.

In addition, the appliance provides convenient single sign-on functions for VPN clients, wireless clients and Windows Active Directory domains - an industry first among NAC solutions. This functionality, along with many existing management and configuration capabilities, provides simplified system operations and enhances employee productivity.

While the appliance is interoperable with various operating systems, it also collaborates with numerous Cisco security products and other vendors' networking equipment, extending its benefits within a more scalable and collaborative network security infrastructure. These products include Cisco Airespace® wireless access points, as well as Cisco Security Agent for endpoint-based protection and the VPN services within the Cisco Adaptive Security Appliance (ASA) family.